SAML is a popular single sign on (SSO) solution supported by many enterprise products and applications. Its extreme flexibility makes it both highly functional and highly complex, which is often antithetical to security. Whether you’re integrating an existing SAML Service Provider library into your products or creating your own from scratch, you’ve likely experienced the complexity of the SAML implementation and have knowingly or unknowingly made security trade offs. As a key authentication component, a vulnerability in your SAML/SSO implementation could allow attackers to gain unauthorized access your applications as an administrator or customer user. This is a critical security area that you can’t afford to get wrong.
After numerous reviews of customer implementations and popular SAML libraries, Freefly Security has developed an adaptive SAML testing platform that runs over 2200 security tests to enumerates weaknesses in the many corner cases and obscure features of SAML. Our experts can help you protects against all known attacks and harden your implementation to resist future weaknesses.